Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/yx-2jgNyCjruYbffC8cNj-yJmIQ.roa
File: yx-2jgNyCjruYbffC8cNj-yJmIQ.roa (raw, json)
Hash identifier: ZAF5MiXYXOjUlfqYHVHXr8f5CLu1mi+ALvS+JdlXiPI=
Subject key identifier: CB:1F:B6:8E:03:72:0A:3A:EE:61:B7:DF:0B:C7:0D:8F:EC:89:98:84
Certificate issuer: /CN=f970049cba7f39aeed31d65313c7b953f3fda135
Certificate serial: 018CCA99C6FD15C310217C0549AB1399C46B
Authority key identifier: F9:70:04:9C:BA:7F:39:AE:ED:31:D6:53:13:C7:B9:53:F3:FD:A1:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/yx-2jgNyCjruYbffC8cNj-yJmIQ.roa
Signing time: Tue 02 Jan 2024 14:35:24 +0000
ROA not before: Tue 02 Jan 2024 14:35:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197317
IP address blocks: 91.219.152.0/22 maxlen: 24
2a07:ae40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:c6:fd:15:c3:10:21:7c:05:49:ab:13:99:c4:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f970049cba7f39aeed31d65313c7b953f3fda135
Validity
Not Before: Jan 2 14:35:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb1fb68e03720a3aee61b7df0bc70d8fec899884
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ba:fd:50:d5:65:cb:f8:32:14:f4:2b:92:f8:
c3:b5:5c:59:75:43:5f:29:13:5a:54:7e:1c:ae:0d:
7f:2a:87:13:b8:9a:d4:cc:0f:ed:f7:33:8f:5e:eb:
5d:8d:ff:ae:67:4b:b6:ee:e5:be:a2:71:16:47:61:
cd:cf:61:e4:6a:86:07:5b:b2:92:e3:46:ac:7b:3d:
f7:7c:11:ba:2e:61:87:f9:d5:9c:56:f4:7f:0b:0f:
e8:ba:24:eb:ab:9e:8f:2b:d8:f8:9a:16:35:15:e0:
70:f7:1c:f9:2a:7f:42:ad:49:40:19:6f:f3:7d:b5:
96:8d:ef:25:0c:1e:3a:0b:c8:d5:d4:a4:7c:62:c0:
51:75:0f:1e:59:ac:4e:65:6f:5f:63:a7:f4:4f:37:
60:cb:ad:b1:3f:dc:91:ee:62:08:24:4c:7b:de:f0:
a6:26:de:d5:aa:0c:9f:45:10:e8:d4:56:36:45:82:
9b:b6:f1:91:45:9f:2c:17:c9:0a:66:c5:fd:14:d0:
a6:e1:e2:29:52:a2:4b:ca:9b:7c:3b:0d:c5:3c:74:
69:de:36:51:4d:77:a6:66:b9:97:19:27:e5:91:78:
31:aa:1b:b9:95:7c:c1:b4:7c:39:eb:13:35:96:21:
84:ea:b1:b2:83:1b:a4:1c:b1:12:72:55:84:3b:dd:
f1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:1F:B6:8E:03:72:0A:3A:EE:61:B7:DF:0B:C7:0D:8F:EC:89:98:84
X509v3 Authority Key Identifier:
keyid:F9:70:04:9C:BA:7F:39:AE:ED:31:D6:53:13:C7:B9:53:F3:FD:A1:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/yx-2jgNyCjruYbffC8cNj-yJmIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.152.0/22
IPv6:
2a07:ae40::/29
Signature Algorithm: sha256WithRSAEncryption
34:2a:a8:6c:47:46:0e:f5:56:5f:d1:49:05:8f:6f:4b:aa:17:
f4:29:33:ca:09:59:2d:8f:97:e5:c8:93:4f:4c:94:51:ae:0a:
0a:93:78:3f:ff:86:a7:4b:23:01:0c:f3:8c:2c:01:2b:f2:85:
8d:89:1c:9c:f7:20:60:1a:b7:0a:31:19:86:6b:18:97:31:0f:
91:19:d6:aa:a8:4d:b8:d6:8c:e5:24:72:d0:ec:e7:24:0d:fd:
05:9e:29:2f:04:70:2c:4e:f0:d6:3f:a5:97:75:21:a0:76:08:
2a:63:a7:20:ca:ec:1b:e7:b4:1b:f3:c7:e4:8f:6a:b4:4b:5f:
25:6c:5c:54:98:85:fa:24:53:8e:11:90:58:cd:53:fc:92:f8:
41:3a:29:e1:a2:7c:3e:8b:74:2a:b2:5c:fb:e4:d0:ed:a4:91:
be:94:eb:49:b8:e9:87:1e:03:50:f3:20:62:31:a4:76:d1:0b:
6c:18:da:0f:d8:65:88:b4:f1:40:ea:95:dd:2c:bf:e2:f6:73:
89:b1:0a:06:97:4e:e1:67:84:0b:a3:9b:c2:6a:fe:57:32:bf:
20:45:3d:06:df:58:d7:0a:e0:c0:23:f0:ac:24:df:3a:5b:f5:
b2:70:2a:48:29:ec:e0:4f:2f:18:68:0e:cf:77:84:e0:fb:be:
85:b7:70:05
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzKmcb9FcMQIXwFSasTmcRrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NzAwNDljYmE3ZjM5YWVlZDMxZDY1MzEzYzdiOTUzZjNm
ZGExMzUwHhcNMjQwMTAyMTQzNTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjFmYjY4ZTAzNzIwYTNhZWU2MWI3ZGYwYmM3MGQ4ZmVjODk5ODg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrr9UNVly/gyFPQrkvjDtVxZdUNf
KRNaVH4crg1/KocTuJrUzA/t9zOPXutdjf+uZ0u27uW+onEWR2HNz2HkaoYHW7KS
40asez33fBG6LmGH+dWcVvR/Cw/ouiTrq56PK9j4mhY1FeBw9xz5Kn9CrUlAGW/z
fbWWje8lDB46C8jV1KR8YsBRdQ8eWaxOZW9fY6f0Tzdgy62xP9yR7mIIJEx73vCm
Jt7VqgyfRRDo1FY2RYKbtvGRRZ8sF8kKZsX9FNCm4eIpUqJLypt8Ow3FPHRp3jZR
TXemZrmXGSflkXgxqhu5lXzBtHw56xM1liGE6rGygxukHLESclWEO93x/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMsfto4Dcgo67mG33wvHDY/siZiEMB8GA1UdIwQY
MBaAFPlwBJy6fzmu7THWUxPHuVPz/aE1MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1YQUVuTHBfT2E3dE1kWlRFOGU1VV9QOW9UVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIvMTNmNWYxLTQ1YjYtNGJjMS1iNWE1
LTUyMWZhNDFkZmM5Ni8xL3l4LTJqZ055Q2pydVliZmZDOGNOai15Sm1JUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTIvMTNmNWYxLTQ1YjYtNGJjMS1iNWE1LTUyMWZhNDFkZmM5
Ni8xLzEtWEFFbkxwX09hN3RNZFpURThlNVVfUDlvVFUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJb25gw
DQQCAAIwBwMFAyoHrkAwDQYJKoZIhvcNAQELBQADggEBADQqqGxHRg71Vl/RSQWP
b0uqF/QpM8oJWS2Pl+XIk09MlFGuCgqTeD//hqdLIwEM84wsASvyhY2JHJz3IGAa
twoxGYZrGJcxD5EZ1qqoTbjWjOUkctDs5yQN/QWeKS8EcCxO8NY/pZd1IaB2CCpj
pyDK7BvntBvzx+SParRLXyVsXFSYhfokU44RkFjNU/yS+EE6KeGifD6LdCqyXPvk
0O2kkb6U60m46YceA1DzIGIxpHbRC2wY2g/YZYi08UDqld0sv+L2c4mxCgaXTuFn
hAujm8Jq/lcyvyBFPQbfWNcK4MAj8Kwk3zpb9bJwKkgp7OBPLxhoDs93hOD7voW3
cAU=
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:53:51 2024 by rpki-client on console-ams.rpki-client.org